package cn.iune.web.security.shiro;

import java.io.Serializable;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;

import org.apache.shiro.web.servlet.ShiroHttpServletRequest;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.util.StringUtils;

/*
 * 兼容ajax获取sessionid
 */
public class MySessionManager extends DefaultWebSessionManager {
	
    private static final String AUTHORIZATION = "sid";
    
    private static final String REFERENCED_SESSION_ID_SOURCE = "Stateless request";

	public MySessionManager() {
		super();
	}

	@Override
	protected Serializable getSessionId(ServletRequest request, ServletResponse response) {
		//String id = WebUtils.toHttp(request).getHeader(AUTHORIZATION);
		
		HttpServletRequest httpRequest = (HttpServletRequest)request;
		/*
		 * System.out.println(
		 * "---------------MySessionManager.getSessionId开始-----------------------------------------------------------------------------"
		 * );
		 * System.out.println("httpRequest.getAuthType()-->"+httpRequest.getAuthType());
		 * System.out.println("httpRequest.getMethod()-->"+httpRequest.getMethod());
		 * System.out.println("httpRequest.getHeader('USER-AGENT')-->"+httpRequest.
		 * getHeader("USER-AGENT").toLowerCase());
		 * System.out.println("httpRequest.getPathInfo()-->"+httpRequest.getPathInfo());
		 * System.out.println("httpRequest.getPathTranslated()-->"+httpRequest.
		 * getPathTranslated());
		 * System.out.println("httpRequest.getQueryString()-->"+httpRequest.
		 * getQueryString()); //
		 * System.out.println("httpRequest.getRemoteUser()-->"+httpRequest.getRemoteUser
		 * ()); System.out.println("httpRequest.getRequestedSessionId()-->"+httpRequest.
		 * getRequestedSessionId());
		 * System.out.println("httpRequest.getRequestURI()-->"+httpRequest.getRequestURI
		 * ());
		 * System.out.println("httpRequest.getRequestURL()-->"+httpRequest.getRequestURL
		 * ());
		 * 
		 * Enumeration paraNames1=httpRequest.getHeaderNames(); for(Enumeration
		 * e=paraNames1;e.hasMoreElements();){ String
		 * thisName=e.nextElement().toString(); String
		 * thisValue=httpRequest.getHeader(thisName);
		 * System.out.println("HeaderName-------------->>"+thisName+"--------------"+
		 * thisValue); }
		 * 
		 * System.out.println(
		 * "------------------MySessionManager.getSessionId完成--------------------------------------------------------------------------"
		 * );
		 */
		//前端开发时，ajax请求之前加入sid到header中（代表前后端分离开发时sessionid）
		String id = httpRequest.getHeader(AUTHORIZATION);
		
        //如果请求头中有 Authorization 则其值为sessionId
        if (!StringUtils.isEmpty(id)) {
            request.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID_SOURCE, REFERENCED_SESSION_ID_SOURCE);
            request.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID, id);
            request.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID_IS_VALID, Boolean.TRUE);
            return id;
        } else {
            //否则按默认规则从cookie取sessionId
            return super.getSessionId(request, response);
        }
		/*
		 * --------------------- 版权声明：本文为CSDN博主「ReWinD00」的原创文章，遵循CC 4.0
		 * by-sa版权协议，转载请附上原文出处链接及本声明。
		 * 原文链接：https://blog.csdn.net/u013615903/article/details/78781166/
		 */
	}

	
	
	
	
	
	
}
